New Software Bug Has Potential to Affect Hundreds of Millions of Computers

The bug can be used to remotely take control of almost any computer system. Experts say this could be more serious than Heartbleed.
Published: September 30, 2014

A dangerous bug has been found in a software component called Bash, commonly used in Linux systems and in Apple’s Mac operating system. Dubbed shellshock, the bug can be used to remotely take control of almost any computer system, and according to a report by BBC News, some experts believe this bug may be more serious than Heartbleed, discovered in April.

Prof Alan Woodward, a security researcher from Surrey, told the BBC, “Whereas something like Heartbleed was all about sniffing what was going on, this was about giving you direct access to the system. The door’s wide open.”

Experts estimate that Shellshock could hit 500 million machines. The problem is even more serious because many web servers use the Apache system, which uses the Bash software component. Bash stands for Bourne-Again-SHell and it’s a command prompt on many unix computers. Unix is an operating system on which other operating systems like Linux and Mac OS are built off.

The U.S. Computer Emergency readiness Team (US-Cert) is warning people about Shellshock and urging administrators to apply patches. However, some security researchers say patches are incomplete and will not fully secure systems.

——Article Continues Below——

Get the latest industry news and research delivered directly to your inbox.

According to an analysis by Mark Ward, a technology correspondent for the BBC, Shellshock rates a 10 on the vulnerability scale, but it is still too early to know how widespread its effect might be.

Posted in: News

Tagged with: Computer Security

ADVERTISEMENT
ADVERTISEMENT
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series